Brian MaloneyYour AV is Trying to Tell You Something: VBN’s Part 1 Doug Metz at Baker Street ForensicsCSIRT-Collect Flynn Weeks at ‘The What2Log Blog’EventRecordID: A Hidden XML Tag Gabriele Zambelli at ‘Forense nella Nebbia’Building a Linux profile for Volatility 2 and 3 Kyle SongBlog #25: Importance of Drive Trim in Forensic Imager part 1. [KR] […]

ThinkDFIRMetaspike CTF – Week 6 – “HODL onto your timestamps” AbdulRhman Alfaifi at U0041Exploring Windows Artifacts : LNK Files Anatoly Tykushin at Group IBThe source of everything: forensic examination of incidents involving source code leaks Brian MaloneyYour AV is Trying to Tell You Something: AVMan.log/Daily AV Log Cellebrite Overview of Parsed Data in Cellebrite Physical […]

Also I’ll be delivering a SANS @Mic talk this Wednesday, 17 February at 1PM AEDT (2AM UTC, sorry!). The talk is aimed at people new to the field, talking about how to get started learning about digital forensics by testing and experimenting. You can register here Andrea Fortuna at ‘So Long, and Thanks for All […]

ThinkDFIRMetaspike CTF – Week 5 – “Spot the DFIRence” Abhiram’s Blog Mr EvilPepo [series] – TrollCAT CTF 2021 S3cr3t – TrollCAT CTF 2021 Andrea Fortuna at ‘So Long, and Thanks for All the Fish’Windows registry Transaction Logs in forensic analysis Brian MaloneyYour AV is Trying to Tell You Something: rawlog.log DFIR Review Extracting and Decrypting […]